Launchpad CVE tracker

CVE 2005-1195

Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code.

Related bugs and status

CVE-2005-1195 (Candidate) is related to these bugs:

Bug #16321: Exploitable buffer overflow in RTSP streaming code

Summary				In	Importance	Status
	16321	Exploitable buffer overflow in RTSP streaming code		xine-lib (Ubuntu)	High	Fix Released
	16321	Exploitable buffer overflow in RTSP streaming code		xine-lib (Debian)	Unknown	Fix Released

Bug #922668: Sync xine-lib-1.2 1.2.0-5 (universe) from Debian unstable (main)

Summary				In	Importance	Status
	922668	Sync xine-lib-1.2 1.2.0-5 (universe) from Debian unstable (main)		xine-lib-1.2 (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

BUGTRAQ: 20050421 xine security...
CONFIRM: http://www.mplayerhq.h...
CONFIRM: http://www.mplayerhq.h...
GENTOO: GLSA-200504-19
OSVDB: 15711
OSVDB: 15712
SECTRACK: 1013771
SECUNIA: 15014
BUGTRAQ: 20050421 [PLSN-0003] -...
BID: 13271
CONFIRM: http://cvs.sourceforge...
CONFIRM: http://cvs.sourceforge...
XF: mplayer-mmst-stream-bo...
XF: mplayer-rtsp-stream-bo...

Launchpad.net

CVE 2005-1195

Related bugs and status

Related bugs

References